10 things you must do to become cyber secure

IT Governance

Conduct staff awareness training. Your employees are the ones following your policies and procedures, so they are directly responsible for keeping threats such as ransomware and phishing at bay. System monitoring enables organisations to detect criminals’ attempts to attack systems and business services.

FCA Publishes Wholesale Banks and Asset Management Cyber Multi-Firm Review Findings

Data Matters

Connecting cyber and conduct risk – the Report notes that clearly firms are aware of the threats posed by ‘insiders’ but firms need to further consider how they address this risk, in particular by embedding a security culture throughout all aspects of the business. phishing) and systems (e.g., simulated attacks).

Proposed Amendments to NY Financial Services Cybersecurity Regulations Impose New Obligations on Large Entities, Boards of Directors and CISOs

Hunton Privacy

As part of the “training and monitoring” requirements under Section 500.14 A covered entity’s cyber program must include phishing training and exercises, as well as monitoring and filtering of emails to block malicious content. As part of the “risk assessment” requirements under Section 500.9